CVE-2025-60541

CVSS v3.1

7.3

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions linshenkx prompt-optimizer versions 1.3.0 through 1.4.2

Description A Server-Side Request Forgery (SSRF) exists in the /api/proxy/ component. This allows attackers to scan internal resources by sending a specially crafted request. The api/proxy endpoint is vulnerable.

Recommendations Update to a version later than 1.4.2.

Fix

SSRF

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-918

Related Identifiers

CVE-2025-60541

Affected Products

Prompt-Optimizer

CVE-2025-60541

Weakness Enumeration

Related Identifiers

Affected Products

References · 6